VYPR

Bochs

by Bochs Project

CVEs (4)

  • CVE-2018-25220CriMar 28, 2026
    risk 0.64cvss 9.8epss 0.01

    Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized input string to the application. Attackers can craft a malicious payload with 1200 bytes of padding followed by a return-oriented…

  • CVE-2007-2894May 30, 2007
    risk 0.03cvss epss 0.01

    The emulated floppy disk controller in Bochs 2.3 allows local users of the guest operating system to cause a denial of service (virtual machine crash) via unspecified vectors, resulting in a divide-by-zero error.

  • CVE-2007-2893May 30, 2007
    risk 0.00cvss epss 0.00

    Heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that…

  • CVE-2004-2372Dec 31, 2004
    risk 0.00cvss epss 0.01

    Buffer overflow in Bochs before 2.1.1, if installed setuid, allows local users to execute arbitrary code via a long HOME environment variable, which is used if the .bochsrc, bochsrc, and bochsrc.txt cannot be found in a known path. NOTE: some external documents recommend that…